1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <melvincarvalho@gmail.com>) id 1VceR2-000408-6c
for bitcoin-development@lists.sourceforge.net;
Sat, 02 Nov 2013 16:52:28 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.215.49 as permitted sender)
client-ip=209.85.215.49; envelope-from=melvincarvalho@gmail.com;
helo=mail-la0-f49.google.com;
Received: from mail-la0-f49.google.com ([209.85.215.49])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1VceR0-0007ul-Tg
for bitcoin-development@lists.sourceforge.net;
Sat, 02 Nov 2013 16:52:28 +0000
Received: by mail-la0-f49.google.com with SMTP id ev20so2511757lab.22
for <bitcoin-development@lists.sourceforge.net>;
Sat, 02 Nov 2013 09:52:20 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.112.171.228 with SMTP id ax4mr5065136lbc.6.1383411140168;
Sat, 02 Nov 2013 09:52:20 -0700 (PDT)
Received: by 10.112.159.233 with HTTP; Sat, 2 Nov 2013 09:52:20 -0700 (PDT)
In-Reply-To: <CANEZrP2N1DRBcN4JuXKJAodKwk=qNk5hiSnLyx1vbQ1gAd=EhQ@mail.gmail.com>
References: <20131102050144.5850@gmx.com>
<CANEZrP2UwEX+u0XCxmaMaRWqVMr+3E63UYnVz9oMubbsiJU+6A@mail.gmail.com>
<5274FBF7.90301@iki.fi>
<CANEZrP2N1DRBcN4JuXKJAodKwk=qNk5hiSnLyx1vbQ1gAd=EhQ@mail.gmail.com>
Date: Sat, 2 Nov 2013 17:52:20 +0100
Message-ID: <CAKaEYhKkWGYOGrbmTtziBsDjz3wMPoPWKtfQs6bEK8-a-sfpyw@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Mike Hearn <mike@plan99.net>
Content-Type: multipart/alternative; boundary=001a11c3704496945504ea348195
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information. [URIs: doubleclick.net]
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(melvincarvalho[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1VceR0-0007ul-Tg
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Message Signing based authentication
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 02 Nov 2013 16:52:28 -0000
--001a11c3704496945504ea348195
Content-Type: text/plain; charset=ISO-8859-1
On 2 November 2013 17:26, Mike Hearn <mike@plan99.net> wrote:
> Guys, identity systems for the web are off-topic for this list. Other than
> the anonymous passports/SINs/fidelity bond ideas, Bitcoin doesn't have any
> relevance to it.
>
> On Sat, Nov 2, 2013 at 2:19 PM, Hannu Kotipalo <hannu.kotipalo@iki.fi>wrote:
>
>> Maybe this is a bit off-topic, but the *real* answer to the question
>> "why-is-nobody-using-ssl-client-certificates" is that it would force
>> www pages to be encrypted and would make it a lot more difficult for
>> NSA to log www-trafic.
>>
>
> No, it wouldn't. You can log a user in using SSL and then redirect the
> user back to an encrypted page, using cookies for the rest of the session.
> Please don't clutter up this list with conspiracy theories. The brutal
> reality is that identity is a hard problem.
>
Identity need not be a hard problem. In my view it is a solved problem.
You have a real world entity translated to a digital format. Yes that can
be slightly ambiguous at time, naming is hard, and people do get this wrong
frequently.
The most common problem is to name something in a way that does not scale.
The solution to this problem is rather easy, and that is to use a URI to
name something, which makes it global and scalable.
In the case of bitcoin you could have use the bitcion URI scheme
bitcion:1fhdjkfhjksf...
>
>
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
--001a11c3704496945504ea348195
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On 2 November 2013 17:26, Mike Hearn <span dir=3D"ltr"><<a href=
=3D"mailto:mike@plan99.net" target=3D"_blank">mike@plan99.net</a>></span=
> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr">Guys, identity systems for =
the web are off-topic for this list. Other than the anonymous passports/SIN=
s/fidelity bond ideas, Bitcoin doesn't have any relevance to it.<div cl=
ass=3D"gmail_extra">
<br><div class=3D"gmail_quote"><div class=3D"im">
On Sat, Nov 2, 2013 at 2:19 PM, Hannu Kotipalo <span dir=3D"ltr"><<a hre=
f=3D"mailto:hannu.kotipalo@iki.fi" target=3D"_blank">hannu.kotipalo@iki.fi<=
/a>></span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:=
0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Maybe this is a bit off-topic, but the *real* answer to the question<br>
"why-is-nobody-using-ssl-client-certificates" is that it would fo=
rce<br>
www pages to be encrypted and would make it a lot more difficult for<br>
NSA to log www-trafic.<br></blockquote><div><br></div></div><div>No, it wou=
ldn't. You can log a user in using SSL and then redirect the user back =
to an encrypted page, using cookies for the rest of the session. Please don=
't clutter up this list with conspiracy theories. The brutal reality is=
that identity is a hard problem.</div>
</div></div></div></blockquote><div><br></div><div>Identity need not be a h=
ard problem.=A0 In my view it is a solved problem.<br><br></div><div>You ha=
ve a real world entity translated to a digital format.=A0 Yes that can be s=
lightly ambiguous at time, naming is hard, and people do get this wrong fre=
quently.<br>
<br></div><div>The most common problem is to name something in a way that d=
oes not scale.=A0 The solution to this problem is rather easy, and that is =
to use a URI to name something, which makes it global and scalable.<br><br>
In the case of bitcoin you could have use the bitcion URI scheme<br><br>bit=
cion:1fhdjkfhjksf...</div><div>=A0</div><blockquote class=3D"gmail_quote" s=
tyle=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div=
dir=3D"ltr">
<div class=3D"gmail_extra"><div class=3D"gmail_quote">
</div></div></div>
<br>-----------------------------------------------------------------------=
-------<br>
Android is increasing in popularity, but the open development platform that=
<br>
developers love is also attractive to malware creators. Download this white=
<br>
paper to learn more about secure code signing practices that can help keep<=
br>
Android apps secure.<br>
<a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D65839951&iu=
=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam=
pad/clk?id=3D65839951&iu=3D/4140/ostg.clktrk</a><br>___________________=
____________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div></div>
--001a11c3704496945504ea348195--
|